Why retail is a top target for cyber attacks

A padlock clipped on a yellow credit card perched on a keyboard
(Image credit: Shutterstock)

Many businesses were saved during the pandemic by online shopping and click-and-collect services, and in turn, many businesses without a comprehensive online presence, or no presence at all, struggled or failed.

However, the prevalence of online shopping also opens up new avenues of risk. In an industry that has traditionally only seen crime in the form of shoplifting, online retail has become a favourite target among cyber criminals and has been one of the most attacked sectors this year.

We look at the factors that make the retail industry such a juicy target and the types of attacks they face, as well as the steps retailers can take to strengthen their security.

Why retailers are so vulnerable to cyber attacks

When the pandemic hit, a wave of businesses were forced to sell the entirety of their goods and services online. While e-commerce was an increasing trend pre-pandemic, online shopping sales in the UK rose by 48% to £113 billion during the height of the crisis.

For attackers, this meant a surge in the number of weak spots they could easily exploit.

Customer information has been perhaps the biggest target, including both details from card payments and general personal information. Retailers have access to a wealth of sensitive data about their customers, who use often-repeated login details for their accounts.

Being customer-centric, e-commerce sites and apps are also under pressure to be highly user-friendly, which often means leaving out important security measures like two-factor authentication that would create friction.


The state of ransomware in retail 2021

Insights into the current state of ransomware in the retail sector


Add to this the extremely competitive market that has pushed larger businesses to collect and analyse this data for more personalised experiences and marketing, and retail becomes an industry ripe for cyber crime.

With access to customer databases, criminals can send phishing emails pretending to be a legitimate business, and ask for personal details, send malicious links, or include malware that can wreak havoc on a customer’s PC.

As businesses increase their use of cloud computing and third-party vendors, supply chains have also become a common attack surface full of vulnerable touchpoints, particularly as retailers can’t always guarantee that their suppliers have robust cyber security in please, or even take security as seriously.

Issues persist outside of online sales as well, as retailers increase their use of IoT devices like security cameras and point of sales systems, which, because they’re connected to the internet, are more vulnerable to attack than regular hardware. A hacker can instal malware on a PoS system that records card swipes and pin numbers and infects other parts of the system.

Lastly, the nature of the retail workforce poses a threat from within. In a survey by the Ponemon Institute, over half of respondents admitted to taking information from a previous employer and 40% of those intended to use it in a new job. With lots of turnover and seasonal workers, former or disgruntled employees can compromise data just by copying information onto a USB and walking out the door.

Common cyber attacks that retailers face

On top of the threats mentioned above, like insider threats and phishing emails, retailers encounter a wide range of cyber attacks that can cause serious damage to their operations and reputations.

Any of the aforementioned threats can result in hackers or ex-employees leaking stolen data. Retailers face not only financial loss through fines for violating GDPR, but also loss of customer trust and business.

Through a botnet attack, attackers can bring together an array of compromised devices and systems and use them to carry out attacks, or sell access to the system to other malicious actors.

Ransomware is another major type of attack retailers face, often during busy times like Black Friday or the lead up to Christmas. Attackers put a halt on operations until businesses pay the ransoms, putting an enormous loss of revenue and customer confidence on the line. According to a survey conducted by Sophos, 44% of retail organisations in the last year were hit by ransomware and 32% of those paid up.

Simple steps to protect your retail business from cyber threats

As the pandemic has made clear, being adaptable in all aspects is a key to survival. Having an agile strategy that incorporates machine learning and automation will help retailers maintain robust security systems in the face of future disruptions.

The onus shouldn’t be entirely on CISOs and IT departments, however; since security is a company-wide concern, there must be board-level buy-in.

Make sure all decision makers understand the risk of any new tech, workflows, or partners you bring on in your attempts to increase revenue and digitise. Since vendors in the supply chain are one major concern, be as proactive with their security practices as you are with your own, regularly questioning and monitoring.

For information and advice pertaining specifically to ransomware threats on retailers, read this complementary resource from Sophos here.